Last week was a zoo-- a lot of announcements at the SF Summit, while I appeared on the CUBE as well as AWS on Air. Grab a cup of coffee-- this issue is going to be lengthier than normal.

Next week's issue of Last Week in AWS could be sponsored by you! Last Week in AWS goes to over 5,000 people-- and its newly launched companion podcast Screaming in the Cloud gets over 6500 listens per episode and is rapidly growing. If you've got an offering that our discerning readership may find interesting, hit reply and let's chat.

Community Contributions

I like thoughtful deep-dive pieces as much as anyone else, but every once in a while I like finding gems like this one. It doesn't purport to do anything other than teach you how to easily delete large S3 buckets.

A great story about securing AWS access keys intelligently from the Grofers engineering blog. I like the idea of restricting IP ranges for key usage...

A description of AWS DR concepts in the context of a zombie apocalypse. Unfortunately it goes in a different direction than "which AWS service is likeliest to be patient zero." Hit reply and tell me which service that would be.

A great reference to what AWS (and by extension, cloud computing) is for beginners. It's one of the better basic introductions to AWS I've found.

Amazon Transcribe is Now Generally Available - With Transcribe being GA and fairly inexpensive, I don't get why more podcasts aren't offering full transcriptions. (In the interest of transparency, while Transcribe is awesome, Screaming in the Cloud still features human transcription for the time being.)

Introducing AWS Secrets Manager | Amazon Web Services (AWS) - This service is awesome, not only because it's a great answer to how to handle rotation of sensitive credentials fleet-wide, but because the name of the service is also somebody's job title. Somewhere in Seattle someone misinterpreted "AWS Secrets Manager now generally available" as "you're fired" and had a minor heart attack.

Classify sensitive data in your environment using Amazon Macie | AWS Security Blog - Macie is a great attempt at helping to stem the tide of S3 Bucket Negligence awards. I really wish they'd run this automatically for publicly exposed buckets, but alas... That said, my biggest problem with Macie is its pricing model; at $5 per gigabyte processed, I think I can implement this more cost effectively by underpaying college students.

Tools

Ben Kehoe has released faas-form, a command line tool that invokes self-describing Lambda functions.

Perhaps you use CloudFormation or Terraform to manage AWS resources. Perhaps you should get off my lawn and use Makefiles like we did back in my day.

Annoyed that you can't inline Python code in CloudFormation when it exceeds the 4K limit? Use lambda-smush-py to get around that problem, and horrify your friends,

Okay, I'm impressed. I get that the community iterates rapidly, but releasing Summon the same day as the service it's integrated with was released is nothing short of astonishing.

Terrible Tip of the Week

...and that's what happened Last Week in AWS.

I’m Corey Quinn. I help people significantly reduce and understand their AWS bills and speak broadly on the conference circuit. I advise companies doing interesting things in the cloud space, such as ReactiveOps.

If you've enjoyed reading this, tell your friends to sign up at lastweekinaws.com (or post a link in your company Slack team!) about it. As always, if you've seen a blog post, a tool, or anything else AWS related that you think the rest of the community should hear about, send them my way. You can either hit reply-- or join the #lastweekinaws channel on the og-aws Slack team.